A tool to remotely detect unusual sessions opened on windows machines using RPC
☆120Jun 10, 2025Updated 9 months ago
Alternatives and similar repositories for FindUnusualSessions
Users that are interested in FindUnusualSessions are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A bunch of shenanigans using functions, VEH and more☆38Jun 8, 2025Updated 9 months ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- SACL Scanner is a tool designed to scan and analyze SACLs.☆51Feb 13, 2025Updated last year
- Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data☆360Jan 8, 2026Updated 2 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆166Jan 23, 2026Updated 2 months ago
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆261Feb 21, 2025Updated last year
- Python implementation of GhostPack's Seatbelt situational awareness tool☆271Nov 12, 2024Updated last year
- A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged domain accounts☆171Jun 29, 2025Updated 8 months ago
- DFSCoerce exe revisited version with custom authentication☆42Jan 13, 2024Updated 2 years ago
- ☆234Oct 8, 2024Updated last year
- ☆41Feb 20, 2025Updated last year
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆276Dec 27, 2024Updated last year
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- ☆163Updated this week
- psexecsvc - a python implementation of PSExec's native service implementation☆241Feb 11, 2025Updated last year
- ☆198Mar 28, 2025Updated 11 months ago
- Azure Post Exploitation Framework☆245Oct 27, 2025Updated 4 months ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆21Feb 8, 2024Updated 2 years ago
- Docker container for running CobaltStrike 4.7 and above☆24Mar 20, 2025Updated last year
- 🖥️ Windows 🚀 A Windows tool for emergency privacy: instantly deletes sensitive data and active logins to protect my information during …☆54Jan 26, 2026Updated last month
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆78Feb 8, 2023Updated 3 years ago
- Python based GUI for browsing LDAP☆182Dec 7, 2025Updated 3 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆46Feb 24, 2026Updated last month
- Cobalt Strike BOF for evasive .NET assembly execution☆310Mar 31, 2025Updated 11 months ago
- ☆23Mar 4, 2025Updated last year
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆640May 8, 2025Updated 10 months ago
- Offensive MSSQL toolkit written in Python, based off SQLRecon☆207Jan 12, 2025Updated last year
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆424Sep 29, 2025Updated 5 months ago
- ☆20Sep 6, 2025Updated 6 months ago
- ☆33Jan 23, 2025Updated last year
- Weaponizing DCOM for NTLM Authentication Coercions☆274Jul 1, 2025Updated 8 months ago
- ☆127Jan 23, 2025Updated last year
- A BloodHound collector for Microsoft Configuration Manager☆393Jul 7, 2025Updated 8 months ago
- ☆139Nov 17, 2025Updated 4 months ago
- ☆38Apr 15, 2025Updated 11 months ago
- Vectored Exception Handling Squared☆31Dec 27, 2025Updated 2 months ago
- adws enumeration bof☆169Feb 16, 2026Updated last month
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆103Jul 9, 2025Updated 8 months ago